Zum Hauptinhalt springen

Nachrichten

Server Team Status Report

Like any internal IT department, inquiries come across our desk day in and day out. Most often, we’re helping end-users and community members when…

Get Ready for TYPO3 v12

The first sprint release of the TYPO3 v12 series is just around the corner. We plan to release TYPO3 version 12.0 in less than two weeks, on 4 October…

TYPO3 11.5.16 and 10.4.32 security releases published

The versions 11.5.16 and 10.4.32 of the TYPO3 Enterprise Content Management System have just been released.

TYPO3-CORE-SA-2022-011: By-passing Cross-Site Scripting Protection in HTML Sanitizer

It has been discovered that TYPO3 CMS is vulnerable to cross-site scripting.

TYPO3-CORE-SA-2022-010: Cross-Site Scripting in <f:asset.css> view helper

It has been discovered that TYPO3 CMS is vulnerable to cross-site scripting.

TYPO3-CORE-SA-2022-009: Stored Cross-Site Scripting via FileDumpController

It has been discovered that TYPO3 CMS is vulnerable to cross-site scripting.

TYPO3-CORE-SA-2022-008: Missing check for expiration time of password reset token for backend users

It has been discovered that TYPO3 CMS is vulnerable to broken access control.

TYPO3-CORE-SA-2022-007: User Enumeration via Response Timing

It has been discovered that TYPO3 CMS is vulnerable to information disclosure.

TYPO3-CORE-SA-2022-006: Denial of Service in Page Error Handling

It has been discovered that TYPO3 CMS is susceptible to denial of service.

Introducing a New Way to Meet TYPO3

There is a new event listing at typo3.org, where all of the titles start with “Meet TYPO3 at …”. These are external events where a person representing…

Documentation Team—Summer Update 2022

It’s been a busy summer in the northern hemisphere and we’ve got plenty of updates to share.

TYPO3 Developer Days 2022 Recap

The TYPO3 Developer Days is an international event for developers that takes place every year. For many developers in the community, It is the event…

TYPO3 Education Committee—TCCE Certification Team Update

Since the kick-off-phase, the TCCE Certification Team has been working on updating the skills for TYPO3 version 11. This is now officially complete.

Introducing the TYPO3 Content Blocks

We’re excited to announce that we’re working to introduce Content Blocks as a TYPO3 Core system extension, and we welcome developer help to achieve…

TYPO3 11.5.15 maintenance release published

The version 11.5.15 of the TYPO3 Enterprise Content Management System has just been released.

typo3.org Website Team Report Q2, 2022

The typo3.org team develops and maintains all the websites in the typo3.org universe. Working closely with other TYPO3 teams, we aim to satisfy every…

Happy 20th Birthday, TYPO3 Extension Repository

30 July 2022 marked the 20th anniversary of the first upload of a TYPO3 extension. We want to celebrate it and show some numbers.

TYPO3 11.5.14 maintenance release published

The version 11.5.14 of the TYPO3 Enterprise Content Management System has just been released.

TYPO3 11.5.13 and 10.4.31 maintenance releases published

The versions 11.5.13 and 10.4.31 of the TYPO3 Enterprise Content Management System have just been released.

TYPO3-EXT-SA-2022-014: SQL Injection in extension "LUX - TYPO3 Marketing Automation" (lux)

It has been discovered that the extension "LUX - TYPO3 Marketing Automation" (lux) is susceptible to SQL Injection.

TYPO3 Communication OKRs Initiative 2022/2023

 

 

Open Strategy Partners (OSP) is acting as Scrum master, and the project owner for the initiative is Mathias Bolt Lesniak.

In the early…

TYPO3 Education Committee—TCCE Certification Team Update

 

 

Meet & Greet at TYPO3 Education Committee Sprint in Düsseldorf

In Düsseldorf, we had six motivated team members, with contributors…

Growing Talent in the Job Market Desert

 

 

The call of businesses is strong and well-known—young tech talents are needed! But enticing a young audience to choose the path of IT…

Information From the Budget Q&A

 

 

This article contains information from that meeting as well as some additional facts and considerations.

Main Conclusions

TYPO3 Demo and QA Best Practices Join Forces

 

 

Demo Project

The TYPO3 demo site is available at demo.typo3.org. The goal of the project is to provide an instance where anyone is able…

This Is Lina Wolf, the New Documentation Team Co-Lead

 

 

“After completing my computer science studies in 2006, I got a boring Java job,” says Lina. “But then I met someone who showed me TYPO3…

TYPO3 11.5.12 and 10.4.30 maintenance releases published

 

 

The following TYPO3 updates have been released:

  • TYPO3 11.5.12 LTS
  • TYPO3 10.4.30 LTS

Further upgrade instructions

No database…

TYPO3-CORE-SA-2022-005: Insufficient Session Expiration in Admin Tool

It has been discovered that TYPO3 CMS is susceptible to broken access control.

TYPO3-CORE-SA-2022-004: Cross-Site Scripting in Frontend Login Mailer

It has been discovered that TYPO3 CMS is vulnerable to cross-site scripting.

TYPO3-CORE-SA-2022-003: Cross-Site Scripting in Form Framework

It has been discovered that TYPO3 CMS is vulnerable to cross-site scripting.